Section: .. / 0601-advisories /
| /// File Name: |
sa18355.txt |
Description:
|
Secunia Security Advisory - Thomas Henlich has reported a vulnerability in the WebFTP module for SysCP, which can be exploited by malicious people to disclose sensitive information.
| | Homepage: | http://secunia.com/advisories/18355/ | | File Size: | 1802 | | Last Modified: | Jan 9 19:23:14 2006 |
| MD5 Checksum: | 391c41223aae601154e824535fddc61f |
|
| /// File Name: |
sa18354.txt |
Description:
|
Secunia Security Advisory - Aliaksandr Hartsuyeu has discovered some vulnerabilities in 427BB, which can be exploited by malicious people to conduct script insertion and SQL injection attacks, and bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/18354/ | | File Size: | 2526 | | Last Modified: | Jan 9 19:23:14 2006 |
| MD5 Checksum: | 1513071afcba59f52f84a80770780c8c |
|
| /// File Name: |
sa18352.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in Bogofilter, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/18352/ | | File Size: | 2593 | | Last Modified: | Jan 9 19:23:14 2006 |
| MD5 Checksum: | 6c3a980b57639082a3092a69e9c0b7b1 |
|
| /// File Name: |
sa18351.txt |
Description:
|
Secunia Security Advisory - Fedora has issued an update for the kernel. This fixes some vulnerabilities, which potentially can be exploited by malicious, local users to gain knowledge of potentially sensitive information and with unknown impact.
| | Homepage: | http://secunia.com/advisories/18351/ | | File Size: | 3458 | | Last Modified: | Jan 9 19:23:14 2006 |
| MD5 Checksum: | 602592ad9c899b491008512a2be64ec7 |
|
| /// File Name: |
sa18350.txt |
Description:
|
Secunia Security Advisory - Fedora has issued an update for mod_auth_pgsql. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/18350/ | | File Size: | 2623 | | Last Modified: | Jan 9 19:23:14 2006 |
| MD5 Checksum: | 8f3044fee9584689ca5f5387ba064006 |
|
| /// File Name: |
sa18349.txt |
Description:
|
Secunia Security Advisory - Mandriva has issued an update for xpdf. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/18349/ | | File Size: | 2058 | | Last Modified: | Jan 9 19:23:14 2006 |
| MD5 Checksum: | 80f67de7ff9bde64e6ad744ecedddd90 |
|
| /// File Name: |
sa18348.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for libapache2-mod-auth-pgsql. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/18348/ | | File Size: | 5453 | | Last Modified: | Jan 9 19:23:14 2006 |
| MD5 Checksum: | d6541f7b4979cd1007a9f5be325a37f6 |
|
| /// File Name: |
sa18347.txt |
Description:
|
Secunia Security Advisory - Mandriva has issued an update for apache2-mod_auth_pgsql. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/18347/ | | File Size: | 2041 | | Last Modified: | Jan 9 19:23:14 2006 |
| MD5 Checksum: | ed7dd5e3533587e626a881656f87fe29 |
|
| /// File Name: |
sa18345.txt |
Description:
|
Secunia Security Advisory - Aliaksandr Hartsuyeu has discovered a vulnerability in NavBoard, which potentially can be exploited by malicious people to conduct script insertion attacks.
| | Homepage: | http://secunia.com/advisories/18345/ | | File Size: | 2212 | | Last Modified: | Jan 9 19:23:14 2006 |
| MD5 Checksum: | da47a59d93f2f7cc51756d8c635f6527 |
|
| /// File Name: |
sa18344.txt |
Description:
|
Secunia Security Advisory - Gentoo has issued an update for vmware. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/18344/ | | File Size: | 1638 | | Last Modified: | Jan 9 19:23:14 2006 |
| MD5 Checksum: | 8bdadbbc2eb6f738e97aadb0bae5bee9 |
|
| /// File Name: |
sa18342.txt |
Description:
|
Secunia Security Advisory - Hamid Ebadi has reported a vulnerability in MegaBBS, which potentially can be exploited by malicious people to disclose sensitive information.
| | Homepage: | http://secunia.com/advisories/18342/ | | File Size: | 1894 | | Last Modified: | Jan 9 19:23:14 2006 |
| MD5 Checksum: | 7caa493bdbfd9fea49365c3e44759aa4 |
|
| /// File Name: |
sa18338.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued updates for kpdf / kword. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/18338/ | | File Size: | 34967 | | Last Modified: | Jan 9 19:23:14 2006 |
| MD5 Checksum: | 9f52c5b8e9b13412979a56bbde5e3638 |
|
| /// File Name: |
sa18323.txt |
Description:
|
Secunia Security Advisory - H D Moore has reported a vulnerability in wine, which potentially can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/18323/ | | File Size: | 1803 | | Last Modified: | Jan 9 19:23:14 2006 |
| MD5 Checksum: | dee6343195a603e907c6bea3f36673f3 |
|
| /// File Name: |
glsa-200601-04.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200601-04 - Tim Shelton discovered that vmnet-natd, the host module providing NAT-style networking for VMware guest operating systems, is unable to process incorrect 'EPRT' and 'PORT' FTP requests. Versions less than 5.5.1.19175 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2947 | | Last Modified: | Jan 8 19:28:23 2006 |
| MD5 Checksum: | c0f65423d0f84c342825ad60d991290c |
|
| /// File Name: |
glsa-200601-03.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200601-03 - Patrice Fournier discovered that HylaFAX runs the notify script on untrusted user input. Furthermore, users can log in without a password when HylaFAX is installed with the pam USE-flag disabled. Versions less than 4.2.3-r1 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2867 | | Last Modified: | Jan 8 06:33:52 2006 |
| MD5 Checksum: | 83ffe9f2f439954f90015fa3ca4bd7b0 |
|
| /// File Name: |
USN-238-2.txt |
Description:
|
Ubuntu Security Notice USN-238-2 - Damian Put discovered that Blender did not properly validate a length value in .blend files. Negative values led to an insufficiently sized memory allocation. By tricking a user into opening a specially crafted .blend file, this could be exploited to execute arbitrary code with the privileges of the Blender user.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 2050 | | Related CVE(s): | CVE-2005-4470 | | Last Modified: | Jan 8 06:33:38 2006 |
| MD5 Checksum: | 0df14be9c51888dea426148b1f276df0 |
|
| /// File Name: |
USN-237-1.txt |
Description:
|
Ubuntu Security Notice USN-237-1 - Kurt Fitzner discovered that the NBD (network block device) server did not correctly verify the maximum size of request packets. By sending specially crafted large request packets, a remote attacker who is allowed to access the server could exploit this to execute arbitrary code with root privileges.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 2333 | | Related CVE(s): | CVE-2005-3354 | | Last Modified: | Jan 8 06:32:55 2006 |
| MD5 Checksum: | ce39275a3d5c27f267a55a7ac698237e |
|
| /// File Name: |
APPLE-SA-2006-01-05.txt |
Description:
|
A malicious network attacker that can generate specially crafted packets may be able to cause an AirPort base station's network interface to stop responding normally, resulting in a denial-of-service.
| | Homepage: | http://www.apple.com | | File Size: | 2461 | | Related CVE(s): | CVE-2005-3714 | | Last Modified: | Jan 8 06:28:43 2006 |
| MD5 Checksum: | 35885c733fa292591a7c6a33103e6900 |
|
| /// File Name: |
TA06-005A.txt |
Description:
|
Technical Cyber Security Alert TA06-005A - Microsoft Security Bulletin MS06-001 contains an update to fix a vulnerability in the way Microsoft Windows handles images in the Windows Metafile (WMF) format. A remote, unauthenticated attacker may be able to execute arbitrary code if the user is persuaded to view a specially crafted Windows Metafile.
| | Homepage: | http://www.us-cert.gov | | File Size: | 2974 | | Last Modified: | Jan 8 06:24:03 2006 |
| MD5 Checksum: | d633db50e3ad33d50480c1e03eb0f8d8 |
|
| /// File Name: |
01.05.06-3.txt |
Description:
|
iDefense Security Advisory 01.05.06 - Remote exploitation of a design error in Blue Coat Systems Inc.'s WinProxy allows attackers to cause a denial of service (DoS) condition. The vulnerability can be triggered by sending a large string of 0xFF characters to the telnet proxy port of the server. Sending such a string will cause a heap corruption in the Winproxy process causing it to crash.
| | Homepage: | http://www.idefense.com/ | | File Size: | 3098 | | Related CVE(s): | CAN-2005-3654 | | Last Modified: | Jan 8 06:22:27 2006 |
| MD5 Checksum: | 51328c7a5ad943401b04a139a636c740 |
|
| /// File Name: |
01.05.06-2.txt |
Description:
|
iDefense Security Advisory 01.05.06 - Remote exploitation of a buffer overflow vulnerability in Blue Coat Systems Inc.'s WinProxy allows for the remote execution of arbitrary code by attackers. The vulnerability can be triggered by sending an overly long Host: string to the web proxy service.
| | Author: | FistFuXXer | | Homepage: | http://www.idefense.com/ | | File Size: | 2675 | | Related CVE(s): | CAN-2005-4085 | | Last Modified: | Jan 8 06:21:45 2006 |
| MD5 Checksum: | 777092cbfe22925db03c68275c4b7bf5 |
|
| /// File Name: |
01.05.06-1.txt |
Description:
|
iDefense Security Advisory 01.05.06 - Remote exploitation of a design error in Blue Coat Systems Inc.'s WinProxy allows attackers to cause a denial of service (DoS) condition. The vulnerability specifically exists due to improper handling of a long HTTP request that is approximately 32,768 bytes long. When such a request occurs, the process will crash while attempting to read past the end of a memory region.
| | Author: | FistFuXXer | | Homepage: | http://www.idefense.com/ | | File Size: | 3039 | | Related CVE(s): | CAN-2005-3187 | | Last Modified: | Jan 8 06:20:28 2006 |
| MD5 Checksum: | 7bbb5db0939154c658a9a2161a256079 |
|
| /// File Name: |
USN-236-1.txt |
Description:
|
Ubuntu Security Notice USN-236-1 - Chris Evans discovered several integer overflows in the XPDF code, which is present in xpdf, the Poppler library, and tetex-bin. By tricking an user into opening a specially crafted PDF file, an attacker could exploit this to execute arbitrary code with the privileges of the application that processes the document.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 19162 | | Related CVE(s): | CVE-2005-3624, CVE-2005-3625, CVE-2005-3626, CVE-2005-3627 | | Last Modified: | Jan 8 06:17:36 2006 |
| MD5 Checksum: | 3b89c5984a29f99449669b775fdef282 |
|
| /// File Name: |
USN-235-1.txt |
Description:
|
Ubuntu Security Notice USN-235-1 - Charles Morris discovered a privilege escalation vulnerability in sudo. On executing Perl scripts with sudo, various environment variables that affect Perl's library search path were not cleaned properly. If sudo is set up to grant limited sudo execution of Perl scripts to normal users, this could be exploited to run arbitrary commands as the target user.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 4553 | | Related CVE(s): | CVE-2005-4158 | | Last Modified: | Jan 8 06:16:17 2006 |
| MD5 Checksum: | daeb0e42bb6c6f4f3612de4c9a603f73 |
|
| /// File Name: |
xlpd.txt |
Description:
|
xlpd 2.1 is susceptible to a denial of service condition when receiving too many connections from the same IP address.
| | Author: | dr_insane | | File Size: | 848 | | Last Modified: | Jan 8 06:07:33 2006 |
| MD5 Checksum: | 557dc2b7f86ce2cb6089ab4d26c5da53 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
